[SC] Attempt to delete the secret before recreating it

The secure connect API for Mac OS is not trying to clear a potentially existing but corrupted secret before recreating it. BUG=none Change-Id: I80ecb09aba0b633df093a305f76b457740db77d0 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2339532Reviewed-by: Owen Min <zmin@chromium.org> Commit-Queue: Julian Pastarmov <pastarmovj@chromium.org> Cr-Commit-Position: refs/heads/master@{#795984}

[SC] Attempt to delete the secret before recreating it
The secure connect API for Mac OS is not trying to clear a potentially existing but corrupted secret before recreating it. BUG=none Change-Id: I80ecb09aba0b633df093a305f76b457740db77d0 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2339532Reviewed-by: Owen Min <zmin@chromium.org> Commit-Queue: Julian Pastarmov <pastarmovj@chromium.org> Cr-Commit-Position: refs/heads/master@{#795984}
fe83694a · Julian Pastarmov · Commit Bot · a7aa34be · fe83694a
Commit fe83694a authored Aug 07, 2020 by Julian Pastarmov Committed by Commit Bot Aug 07, 2020
Hide whitespace changes
Inline Side-by-side

Showing with 16 additions and 2 deletions

chrome/browser/extensions/api/enterprise_reporting_private/chrome_desktop_report_request_helper.cc ...reporting_private/chrome_desktop_report_request_helper.cc +16 -2

No files found.
--- a/chrome/browser/extensions/api/enterprise_reporting_private/chrome_desktop_report_request_helper.cc
+++ b/chrome/browser/extensions/api/enterprise_reporting_private/chrome_desktop_report_request_helper.cc
@@ -373,8 +373,22 @@ OSStatus ReadEncryptedSecret(std::string* password, bool force_recreate) {
    return status;
  }

-  if (status == errSecItemNotFound || force_recreate)
-    return AddRandomPasswordToKeychain(keychain, password);
+  if (status == errSecItemNotFound || force_recreate) {
+    if (status != errSecItemNotFound) {
+      // If the item is present but can't be read. Try to delete it first.
+      // If any of those steps fail don't try to proceed any further.
+      item_ref.reset();
+      status = keychain.FindGenericPassword(
+          strlen(kServiceName), kServiceName, strlen(kAccountName),
+          kAccountName, nullptr, nullptr, item_ref.InitializeInto());
+      if (status != noErr)
+        return status;
+      status = keychain.ItemDelete(item_ref.get());
+      if (status != noErr)
+        return status;
+    }
+    status = AddRandomPasswordToKeychain(keychain, password);
+  }

  return status;
 }